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DETAILED ACTION 
1. Claims 1-12 are pending in this application and presented for examination. 



Specification 

2. The disclosure is objected to because of the following informalities: "an 
environment" (page 8, line 19) is disclosed without disclosing the corresponding 
reference number, and is not included in Figure 2. Additionally, (page 8, line 19 and 
page 11, line 8) discloses "a user" without disclosing the corresponding reference number 
as illustrated in Figure 2. Appropriate correction is required. 

3. The disclosure is objected to because appUcant describes using present or future 
memory and communications technologies (page 14, lines 14-19). However, the 
applicant does not provide any details of how the person of ordinary skill in the art would 
actually use future memory or commimications technologies when they do not yet exist. 
The compatibility of any future technologies with applicant's invention is unknown. 
Thus, the applicant does not have possession of such future technologies. 



Abstract 

4. The abstract of the disclosure is objected to because it is substantially a copy of 
claim 1, and includes the legal phraseology "means" in lines 9, 1 1, and 15. In its current 
form, it fails to provide a clear disclosure of that which is new in the art to which the 
invention pertains. Correction is required. See MPEP § 608.01(b). 

5. Applicant is reminded of the proper language and format for an abstract of the 
disclosure. The form and legal phraseology often used in patent claims, such as "means" 
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and "said," should be avoided. The abstract should describe the disclosure sufficiently to 
assist readers in deciding whether there is a need for consulting the full patent text for 
details. The language should be a clear and concise statement of the technical disclosure 
of the patent and should include that which is new in the art to which the invention 
pertains. 



Drawings 

6. The drawings are objected to as faihng to comply with 37 CFR 1.84(p)(5) because 
Figure 1 includes the following reference characters not mentioned in the description: 
115 and 120. The drawings are also objected to under 37 CFR 1.83(a) because Figure 1 
fails to show "multiple users" as described in the specification. 

7. hi Figure 1, reference characters 105 and 1 10 appear to refer to the "multiple 
users" described in the specification, and 120 appears to refer to the "shared device" 
described in the specification as referenced by character 110. However, reference 
character 1 15 is not identified in any way and its structure and piupose are unclear. 

8. Any structural detail that is essential for a proper understanding of the disclosed 
invention should be shown in the drawing. MPEP § 608.02(d). Corrected drawing sheets 
in compUance with 37 CFR 1.121(d), or amendment to the specification to add the 
reference character(s) in the description in compliance with 37 CFR 1.121(b) are required 
in reply to the Office action to avoid abandonment of the application. Any amended 
replacement drawing sheet should include all of the figures appearing on the immediate 
prior version of the sheet, even if only one figure is being amended. Each drawing sheet 
submitted after the filing date of an application must be labeled in the top margin as 
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either "Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the 
examiner does not accept the changes, the applicant will be notified and informed of any 
required corrective action in the next Office action. The objection to the drawings will 
not be held in abeyance. 

9. In addition to Replacement Sheets containing the corrected drawing figure(s), 
applicant is required to submit a marked-up copy of each Replacement Sheet including 
annotations indicating the changes made to the previous version. The marked-up copy 
must be clearly labeled as "Annotated Sheet" and must be presented in the amendment or 
remarks section that explains the change(s) to the drawings. See 37 CFR 1. 121(d)(1). 
Failure to timely submit the corrected drawing and marked-up copy will result in the 
abandonment of the application. 



Claim Rejections - 35 USC§101 

10. 35 U.S.C, 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

1 1 . Claim 12 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

In claim 12, a "computer program" is recited. The computer program of claim 12 is 
not claimed as embodied in computer readable media, and is reasonably interpreted by 
one of ordinary skill in the art as software, per se. Claim 12 sets forth a mere program 
listing failing to define any structural and functional interrelationships between the 
computer program and other claimed elements of a computer which would permit the 
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computer program's functionality to be realized. As such, it is believed that the computer 
program of claim 12 is reasonably interpreted as functional descriptive material, per se. 

Claim Rejections - 35 USC§ 102 

12. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed pubUcation in this or a 
foreign country or in public use or on sale in this country, more than one year 
prior to the date of appUcation for patent in the United States. 

13. Claims 1, and 3-12 are rejected under 35 U.S.C. 102 (b) as being anticipated by 
Howard Shelton Lambert, et al., US Patent No. 6,282,649 Bl, (hereinafter "Lambert"). 

14. As to claim 1, Lambert discloses a data processing system for controlling access 
of at least one user to stored data (column 2, lines 2-3, "a data processing system ... for 
controlling user access to data," column 4, line 6, "retail till or automatic teller terminal," 
see also Figure 1) comprising: means, responsive to a request from the user to access a 
set of the stored data, for authenticating the user (column 2, lines 1 1-12, 33-35 "If the 
user key represents the required level of access authority an access key is generated from 
the user key for accessing that data or service. ... a user presents a token and inputs 
personal data (for example a personal identification number or PIN, input via a keypad)," 
Figure 1, and column 4, lines 22-25 "Partial key data (5) is read from a card presented by 
a user and supplied to a key generator (7). Personalised data such as a personal 
identification number (PIN) or biometric data is obtained from the user by a reader (8)"); 
means, responsive to successfiil authentication, for decrypting an encrypted data structure 
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associated with the user (column 4, line 16 "A decryption service module"), wherein the 
data structure comprises data associated with the set (column 2, lines 1-28 (encrypted 
data structure contains data (applets) associated with the user via authority levels, and the 
data structure comprises data associated with the set (the applets). Also, column 4, lines 
7-10 "An application store is provided to retain in encrypted form those applications 
which the terminal may be called on to perform, according to the authority of users 
requesting the application."); and means, responsive to successful decryption, for 
accessing the set (column 2, lines 38-39 "controlling user access to data or services via a 
computer system," colunm 4, lines 5-6 "retail till or automatic teller terminal," see also 
Figure 1, arid column 5, line 29 "a checkout terminal," see also Figure 4). 

15. As to claim 3, Lambert further discloses an encrypted set (column 2, line 27-28 
"data . . . stored in an encrypted form," column 4, line 7-9 "An application store . . . 
retain[s] in encrypted form those applications which the teraiinal may be called on to 
perform"), and the data associated with the set comprising data associated with 
decryption of the set (column 2, line 26-28 "decryption keys for accessing data . . . stored 
in an encrypted form," column 4, lines 9-10, 16-19 "according to the authority of users 
requesting the application ... [a] decryption service module ... to decrypt a selected 
applet under the control of a decryption key"). 

16. As to claim 4, Lambert further discloses a set comprising all of the stored data 
(column 4, lines 7-10 "[a]n appHcation store is provided to retain in encrypted form those 
applications which the terminal may be called on to perform, according to the authority 
of users requesting the application"). 
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17. As to claim 5, Lambert further discloses a set comprising portion of the stored 
data (column 3, line 28 "different sets," column 4, line 19 "a selected applet"). 

1 8. As to claim 6, Lambert further discloses a user request initiated by presentation of 
a token by the user (column 2, lines 33-34 "a user presents a token," column 4, lines 29- 
30 "The preferred system provides for access to be controlled using a smart card"). 

19. As to claim 7, Lambert further discloses a token comprising means associated 
with the identity of the user (colimm 1, lines 56-58 "identification of the user from . . . 
data held on a token such as a SmartCard," column 4, lines 41-42 "Partial data is read 
from the operator's card"). 

20. As to claim 8, Lambert further discloses a means associated with the identity of 
the user derived from one or more biometric characteristics associated with the user 
(column 3, lines 7-8 "biometric data," column 4, line 42 "biometric data"). 

21. As to claim 9, Lambert further discloses a token comprising the means for 
decrypting (column 3, lines 37-40 "Advantage is taken of the processing and storage 
facilities available on the [smart] card to perform ... the decryption[,]" column 4, lines 
34-37 "If sufficient processing and storage facihties are available on the card, the security 
of the system may be further enhanced by performing the decryption process itself using 
these facilities"). 

22. As to claim 10, Lambert further discloses stored data capable of access by more 
than one user (column 5, line 14 "multiple log ons are permitted"), and means for 
accessing data associated with each user of the more than one users (column 5, linel4-18 
"permits only multiple log ons which conform to certain rules. For example the rule may 
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require that only one valid operator is permitted with one valid supervisor, there being no 
other valid case of multiple log on"). 

23. As to claim 11, Lambert further discloses a method for controlling access of at 
least one user to stored data via a data processing system (column 2, lines 2-3, "a data 
processing system ... for controlling user access to data," column 4, line 6, "retail till or 
automatic teller terminal," see also Figure 1), comprising the steps of: in response to a 
request from the user to access a set of the stored data, authenticating the user (column 2, 
lines 1 1-12, 33-35 "If the user key represents the required level of access authority an 
access key is generated from the user key for accessing that data or service. ... a user 
presents a token and inputs personal data (for example a personal identification number 
or PIN, input via a keypad)," Figure 1, and column 4, lines 22-25 "Partial key data (5) is 
read from a card presented by a user and supplied to a key generator (7). Personalised 
data such as a personal identification number (PIN) or biometric data is obtained from the 
user by a reader (8)"); in response to successfiil authentication, decrypting an encrypted 
data structure associated with the user (column 4, line 16 "A decryption service 
module"), wherein the data structure comprises data associated with the set (column 2, 
lines 1-28 (encrypted data structure contains data (applets) associated with the user via 
authority levels, and the data structure comprises data associated with the set (the 
applets). Also, column 4, lines 7-10 "An application store is provided to retain in 
encrypted form those applications which the terminal may be called on to perform, 
according to the authority of users requesting the application."); and in response to 
successfiil decryption, accessing the set (column 2, lines 38-39 "controlling user access to 
data or services via a computer system," column 4, lines 5-6 "retail till or automatic teller 
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terminal," see also Figure 1, and column 5, line 29 "a checkout terminal," see also Figure 
4). 

24. As to claim 12, Lambert further discloses a computer program comprising 
program code means adapted to perform the steps of claim 11, when said program is run 
on a computer (columns 2-3, lines 66-67, 1-3 "a computer program product comprising 
computer readable program code stored on a computer readable storage medium, the 
computer program code providing the functions for controlling access to stored data," 
colunm 4, line 38 "the till program invokes an applet controlling operator LOG ON"). 

Claim Rejections - 35 USC § 103 

25. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

26. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lambert as 
applied to claim 1 above, and further in view of Bartocci et al., European Patent 
Application Publication No. 0 204 994 A2, (hereinafter "Bartocci"). 

27. As to claim 2, Lambert fails to teach data associated with the set comprising data 
associated with the location of the set. 

Bartocci teaches data associated with the set comprising data associated with the 
location of the set (column 7, lines 1-4 "User Data Pointer [— ] This is location dependent 
address information used to direct access at this DSU [Directory Service Unit] to user 
data" see also Figure 6). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Lambert by the user data pointer for data associated with 
the set to include the location of the set as taught by Bartocci in order to enable remote 
data management. 

Conclusion 

28. The prior art made of record and not rehed upon is considered pertinent to 
applicant's disclosure is: 

• Benaloh, U.S. Patent No. 7,047, 422 B2, referring to a unique data subset of a 
database. 

• Dillaway et al, U.S. Patent No. 5,742,756, referring to a system and method of 
using smart cards to perform security-critical operations requiring user 
authorization. 

• Moran, U.S. Patent No. 6,539,380, referring to a device, system and method for 
data access control using biometric characteristics. 

• Weiss, U.S. Patent No. 5,657,388, referring to a method and apparatus for 
utilizing a token for resource access. 

Any inquiry conceming this communication or earlier communications from the 
examiner should be directed to Bea Koempel-Thomas whose telephone number is 571 - 
270-1252. The examiner can normally be reached on Monday - Thursday & alternate 
Fridays; 0730- 1700. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nabil El-Hady can be reached on 571-272-3963. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EEC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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